Security Projects

Security Information and Event Management (SIEM)

Lead procurement, deployment, operationalization of multiple on-prem and cloud-based SIEM-platforms and Service Providers, in environments large (3k endpoints, 12k users) to small (600 endpoints and 350 users) 

RSA Envision, ArcSight, Azure Sentinel 

Endpoint Protection Platforms

Procurement, deployment, operationalization of Endpoint Detection and Response platforms, maximizing protecting while minimizing interruption to business

Crowdstrike, Palo Alto Cortex, McAfee

Vulnerability Management Platforms

From requirement gathering to procurement to implementation, to the roll out of new and optimizing processes for addressing and reporting on vulnerabilities.

Tenable, Rapid7 deployments

Firewalls and SD-WAN

Experience managing deployment and management of next-generation firewalls, and co-managed solutions with service providers

Palo Alto Networks, PAN Prisma Access, CATO Networks SD-WAN

Security Program Assessment & Design

Provide leadership to develop security programs, measure and report on maturity and establish a multi-year maturity roadmap.

Incident Response & Disaster Recovery

Lead development of cyber incident response plan, lead incident response table top exercises, and development of playbooks to address scenarios.

Privacy Projects

National Registry of Physicians

Provided privacy leadership into the technical design of the Registry in Azure, and privacy diligence activities for launching the NRP. Negotiated inclusion of 12 provincial and territorial Medical Registration Authorities (MRAs) to voluntarily participate in a national data-sharing register of physician data in Canada.

Digital Dealer Registration

Conducted a Privacy Impact Assessment (PIA) for the cloud-based DDR platform which enabled automotive dealerships to register new and used vehicles remotely.

Data Exchange Platform

Conducted a Privacy Impact Assessment on a new cloud-based data sharing and processing platform leveraging Azure DataBricks, Data Lake, and Azure Purview for transferring sensitive information.

REACH Portal

Conducted a PIA of a regional clinical data sharing portal, in addition to administering governance meetings, and operationalizing the portal, and support amendments to the data sharing agreements.

EPIC Health Information System

Responsible for providing privacy and security diligence activities including facilitating PIAs and TRAs on a hospital's new electronic health information system. 

REDCap Data Collection Platform

Completed PIA on a data platform used to collect and store personal health information for research purposes.